From 1cd68235bb04dc345f44824f151c7cd20ad7eece Mon Sep 17 00:00:00 2001 From: Adam Silverstein Date: Fri, 15 Aug 2025 19:11:32 +0000 Subject: [PATCH] Media: ensure `wp_get_attachment_image` uses valid user-provided width and height. Fix a bug introduced in WordPress 6.8.2 (r60415) that led to user supplied values for width and height in the $attr array passed to `wp_get_attachment_image` to be overwritten. Props rainbowgeek, ocean90, rollybueno, shreya0shrivastava, heybran, mukesh27. Fixes #63714. Built from https://develop.svn.wordpress.org/trunk@60641 git-svn-id: http://core.svn.wordpress.org/trunk@59977 1a063a9b-81f0-0310-95a4-ce76da25c4cd --- wp-includes/media.php | 14 +++++++++++--- wp-includes/version.php | 2 +- 2 files changed, 12 insertions(+), 4 deletions(-) diff --git a/wp-includes/media.php b/wp-includes/media.php index 8e9f761eb0..8c9b49f675 100644 --- a/wp-includes/media.php +++ b/wp-includes/media.php @@ -1091,9 +1091,17 @@ function wp_get_attachment_image( $attachment_id, $size = 'thumbnail', $icon = f */ $context = apply_filters( 'wp_get_attachment_image_context', 'wp_get_attachment_image' ); - $attr = wp_parse_args( $attr, $default_attr ); - $attr['width'] = $width; - $attr['height'] = $height; + $attr = wp_parse_args( $attr, $default_attr ); + + // Ensure that the `$width` doesn't overwrite an already valid user-provided width. + if ( ! isset( $attr['width'] ) || ! is_numeric( $attr['width'] ) ) { + $attr['width'] = $width; + } + + // Ensure that the `$height` doesn't overwrite an already valid user-provided height. + if ( ! isset( $attr['height'] ) || ! is_numeric( $attr['height'] ) ) { + $attr['height'] = $height; + } $loading_optimization_attr = wp_get_loading_optimization_attributes( 'img', diff --git a/wp-includes/version.php b/wp-includes/version.php index b3d2b3271b..c6fb6ccaef 100644 --- a/wp-includes/version.php +++ b/wp-includes/version.php @@ -16,7 +16,7 @@ * * @global string $wp_version */ -$wp_version = '6.9-alpha-60640'; +$wp_version = '6.9-alpha-60641'; /** * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.